Date: Wed, 14 Apr 2004 14:27:24 -0700
From: Greg KH <greg@kroah.com>
To: Marc-Christian Petersen <m.c.p@kernel.linux-systeme.com>
Cc: linux-kernel@vger.kernel.org, Linus Torvalds <torvalds@osdl.org>,
       Andrew Morton <akpm@osdl.org>
Subject: Re: [SECURITY] CAN-2004-0075 (was: Re: [SECURITY] CAN-2004-0109 isofs fix.)
Message-ID: <20040414212724.GA24809@kroah.com>
References: <20040414171147.GB23419@redhat.com> <200404142230.33553@WOLK>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200404142230.33553@WOLK>
User-Agent: Mutt/1.5.6i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1080
Lines: 30

On Wed, Apr 14, 2004 at 10:30:33PM +0200, Marc-Christian Petersen wrote:
> On Wednesday 14 April 2004 19:11, Dave Jones wrote:
> 
> Hi,
> 
> > Merged in 2.4, and various vendor kernels today..
> 
> Okay, now while we are at fixing security holes, is there any chance we 
> can _finally_ get the attached patch in?
> 
> The Vicam USB driver in all Linux Kernels 2.6 mainline does not use the 
> copy_from_user function when copying data from userspace to kernel space, 
> which crosses security boundaries and allows local users to cause a denial
> of service.
> 
> Already ACKed by Greg. Only complaint was inproper coding style which is done 
> with attached patch ;)

Eeek, I thought this one was already in the tree, very sorry about that.

I'm applying it now and will send it to Linus in a bit.

thanks for reminding me,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/